mcp-s3/.goreleaser.yml at main · txn2/mcp-s3 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
# vim: set ts=2 sw=2 tw=0 fo=cnqoj

version: 2

project_name: mcp-s3

env:
  - GO111MODULE=on

before:
  hooks:
    - go mod download
    - go mod verify

builds:
  - id: mcp-s3
    main: ./cmd/mcp-s3
    binary: mcp-s3
    goos:
      - linux
      - darwin
      - windows
    goarch:
      - amd64
      - arm64
    ignore:
      - goos: windows
        goarch: arm64
    mod_timestamp: '{{ .CommitTimestamp }}'
    env:
      - CGO_ENABLED=0
    flags:
      - -trimpath
      - -a
    ldflags:
      - -s -w
      - -X github.com/txn2/mcp-s3/internal/server.Version={{.Version}}

archives:
  - id: default
    name_template: >-
      {{ .ProjectName }}_
      {{- .Version }}_
      {{- .Os }}_
      {{- .Arch }}
    format_overrides:
      - goos: windows
        formats: [zip]
    files:
      - LICENSE
      - README.md

checksum:
  name_template: 'checksums.txt'
  algorithm: sha256

# Sign release artifacts with Cosign (keyless - uses OIDC identity)
signs:
  - id: archives
    cmd: cosign
    artifacts: archive
    signature: "${artifact}.sigstore.json"
    args:
      - "sign-blob"
      - "--yes"
      - "--bundle=${signature}"
      - "${artifact}"
  - id: checksums
    cmd: cosign
    artifacts: checksum
    signature: "${artifact}.sigstore.json"
    args:
      - "sign-blob"
      - "--yes"
      - "--bundle=${signature}"
      - "${artifact}"

# Generate Software Bill of Materials for archives
sboms:
  - artifacts: archive

snapshot:
  version_template: "{{ incpatch .Version }}-next"

changelog:
  sort: asc
  use: github
  filters:
    exclude:
      - '^docs:'
      - '^test:'
      - '^chore:'
      - Merge pull request
      - Merge branch
  groups:
    - title: Features
      regexp: '^feat'
      order: 0
    - title: Bug Fixes
      regexp: '^fix'
      order: 1
    - title: Security
      regexp: '^security'
      order: 2
    - title: Others
      order: 999

# Docker Images - Using v2 format with multi-platform support
dockers_v2:
  - id: alpine
    dockerfile: Dockerfile
    ids:
      - mcp-s3
    images:
      - ghcr.io/txn2/mcp-s3
    tags:
      - latest
      - "{{ .Tag }}"
      - "v{{ .Major }}"
    platforms:
      - linux/amd64
      - linux/arm64
    labels:
      org.opencontainers.image.created: "{{ .Date }}"
      org.opencontainers.image.title: "{{ .ProjectName }}"
      org.opencontainers.image.revision: "{{ .FullCommit }}"
      org.opencontainers.image.version: "{{ .Version }}"
      org.opencontainers.image.source: "{{ .GitURL }}"
      org.opencontainers.image.description: "MCP server for Amazon S3 and S3-compatible storage"
      org.opencontainers.image.licenses: "Apache-2.0"

# Sign Docker images with Cosign (keyless)
docker_signs:
  - cmd: cosign
    args:
      - "sign"
      - "--yes"
      - "${artifact}"
    artifacts: all

brews:
  - name: mcp-s3
    repository:
      owner: txn2
      name: homebrew-tap
      token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}"
    directory: Formula
    homepage: https://github.com/txn2/mcp-s3
    description: MCP server for Amazon S3 and S3-compatible storage
    license: Apache-2.0
    install: |
      bin.install "mcp-s3"
    test: |
      system "#{bin}/mcp-s3", "--version"

release:
  github:
    owner: txn2
    name: mcp-s3
  name_template: "{{.ProjectName}}-v{{.Version}}"
  prerelease: auto
  mode: append
  footer: |
    ## Installation

    ### Homebrew (macOS)
    ```bash
    brew install txn2/tap/mcp-s3
    ```

    ### Claude Code CLI
    ```bash
    claude mcp add s3 \
      -e AWS_REGION=us-east-1 \
      -e AWS_ACCESS_KEY_ID=your-key \
      -e AWS_SECRET_ACCESS_KEY=your-secret \
      -- mcp-s3
    ```

    ### Docker
    ```bash
    docker pull ghcr.io/txn2/mcp-s3:{{ .Tag }}
    ```

    ## Verification

    All release artifacts are signed with Cosign. Verify with:
    ```bash
    cosign verify-blob --bundle mcp-s3_{{ .Version }}_linux_amd64.tar.gz.sigstore.json \
      mcp-s3_{{ .Version }}_linux_amd64.tar.gz
    ```